logos-storage/plonky2
1
0
Fork 0
mirror of https://github.com/logos-storage/plonky2.git synced 2026-01-10 17:53:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

segment virts

Browse Source
This commit is contained in:
Dmitry Vagner 2023-02-13 14:04:43 -08:00
parent d320fbfbca
commit 80e49caae1
5 changed files with 198 additions and 198 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

236
evm/src/cpu/kernel/asm/curve/bn254/curve_arithmetic/invariant_exponent.asm
View File

@ -13,15 +13,15 @@ global bn254_invariant_exponent:
/// def first_exp(y):
/// return y.frob(6) / y
// stack: out, retdest {out: y}
%stack (out) -> (out, 100, first_exp, out)
// stack: out, 100, first_exp, out, retdest {out: y}
%stack (out) -> (out, 0, first_exp, out)
// stack: out, 0, first_exp, out, retdest {out: y}
%jump(inv_fp254_12)
first_exp:
// stack: out, retdest {out: y , 100: y^-1}
// stack: out, retdest {out: y , 0: y^-1}
%frob_fp254_12_6
// stack: out, retdest {out: y_6, 100: y^-1}
%stack (out) -> (out, 100, out, second_exp, out)
// stack: out, 100, out, second_exp, out, retdest {out: y_6, 100: y^-1}
// stack: out, retdest {out: y_6, 0: y^-1}
%stack (out) -> (out, 0, out, second_exp, out)
// stack: out, 0, out, second_exp, out, retdest {out: y_6, 0: y^-1}
%jump(mul_fp254_12)
/// second, exponentiate by (p^2 + 1) via
@ -29,10 +29,10 @@ first_exp:
/// return y.frob(2) * y
second_exp:
// stack: out, retdest {out: y}
%stack (out) -> (out, 100, out, out, final_exp, out)
// stack: out, 100, out, out, final_exp, out, retdest {out: y}
%stack (out) -> (out, 0, out, out, final_exp, out)
// stack: out, 0, out, out, final_exp, out, retdest {out: y}
%frob_fp254_12_2_
// stack: 100, out, out, final_exp, out, retdest {out: y, 100: y_2}
// stack: 0, out, out, final_exp, out, retdest {out: y, 0: y_2}
%jump(mul_fp254_12)
/// Finally, we must exponentiate by (p^4 - p^2 + 1)/N
@ -52,19 +52,19 @@ second_exp:
/// final_power()
final_exp:
// stack: val, retdest
%stack (val) -> (val, 300, val)
// stack: val, 300, val, retdest
// stack: val, retdest
%stack (val) -> (val, 60, val)
// stack: val, 60, val, retdest
%move_fp254_12
// stack: 300, val, retdest
// stack: 60, val, retdest
%stack () -> (1, 1, 1)
// stack: 1, 1, 1, 300, val, retdest
%mstore_kernel_bn254_pairing(200)
%mstore_kernel_bn254_pairing(224)
%mstore_kernel_bn254_pairing(212)
// stack: 300, val, retdest {200: y0, 212: y2, 224: y4}
// stack: 1, 1, 1, 60, val, retdest
%mstore_kernel_bn254_pairing(12)
%mstore_kernel_bn254_pairing(36)
%mstore_kernel_bn254_pairing(24)
// stack: 60, val, retdest {12: y0, 24: y2, 36: y4}
%stack () -> (64, 62, 65)
// stack: 64, 62, 65, 300, val, retdest {200: y0, 212: y2, 224: y4}
// stack: 64, 62, 65, 60, val, retdest {12: y0, 24: y2, 36: y4}
%jump(power_loop_4)
/// After computing the powers
@ -87,49 +87,49 @@ final_exp:
/// return y * y2 * y1 * y0
custom_powers:
// stack: val, retdest {200: y0, 212: y2, 224: y4}
%stack () -> (200, 236, make_term_1)
// stack: 200, 236, make_term_1, val, retdest {200: y0, 212: y2, 224: y4}
// stack: val, retdest {12: y0, 24: y2, 36: y4}
%stack () -> (12, 48, make_term_1)
// stack: 12, 48, make_term_1, val, retdest {12: y0, 24: y2, 36: y4}
%jump(inv_fp254_12)
make_term_1:
// stack: val, retdest {212: y2, 224: y4, 236: y0^-1}
%stack () -> (212, 224, 224, make_term_2)
// stack: 212, 224, 224, make_term_2, val, retdest {212: y2, 224: y4, 236: y0^-1}
// stack: val, retdest {24: y2, 36: y4, 48: y0^-1}
%stack () -> (24, 36, 36, make_term_2)
// stack: 24, 36, 36, make_term_2, val, retdest {24: y2, 36: y4, 48: y0^-1}
%jump(mul_fp254_12)
make_term_2:
// stack: val, retdest {212: y2, 224: y4 * y2, 236: y0^-1}
%stack () -> (212, 224, 224, make_term_3)
// stack: 212, 224, 224, make_term_3, val, retdest {212: y2, 224: y4 * y2, 236: y0^-1}
// stack: val, retdest {24: y2, 36: y4 * y2, 48: y0^-1}
%stack () -> (24, 36, 36, make_term_3)
// stack: 24, 36, 36, make_term_3, val, retdest {24: y2, 36: y4 * y2, 48: y0^-1}
%jump(mul_fp254_12)
make_term_3:
// stack: val, retdest {212: y2, 224: y4 * y2^2, 236: y0^-1}
%stack () -> (236, 224, 224, final_power)
// stack: 236, 224, 224, final_power, val, retdest {212: y2, 224: y4 * y2^2, 236: y0^-1}
// stack: val, retdest {24: y2, 36: y4 * y2^2, 48: y0^-1}
%stack () -> (48, 36, 36, final_power)
// stack: 48, 36, 36, final_power, val, retdest {24: y2, 36: y4 * y2^2, 48: y0^-1}
%jump(mul_fp254_12)
final_power:
// stack: val, retdest {val: y , 212: y^a2 , 224: y^a1 , 236: y^a0}
// stack: val, retdest {val: y , 24: y^a2 , 36: y^a1 , 48: y^a0}
%frob_fp254_12_3
// stack: val, retdest {val: y_3, 212: y^a2 , 224: y^a1 , 236: y^a0}
%stack () -> (212, 212)
// stack: val, retdest {val: y_3, 24: y^a2 , 36: y^a1 , 48: y^a0}
%stack () -> (24, 24)
%frob_fp254_12_2_
POP
// stack: val, retdest {val: y_3, 212: (y^a2)_2, 224: y^a1 , 236: y^a0}
PUSH 224
// stack: val, retdest {val: y_3, 24: (y^a2)_2, 36: y^a1 , 48: y^a0}
PUSH 36
%frob_fp254_12_1
POP
// stack: val, retdest {val: y_3, 212: (y^a2)_2, 224: (y^a1)_1, 236: y^a0}
%stack (val) -> (212, val, val, penult_mul, val)
// stack: 212, val, val, penult_mul, val, retdest {val: y_3, 212: (y^a2)_2, 224: (y^a1)_1, 236: y^a0}
// stack: val, retdest {val: y_3, 24: (y^a2)_2, 36: (y^a1)_1, 48: y^a0}
%stack (val) -> (24, val, val, penult_mul, val)
// stack: 24, val, val, penult_mul, val, retdest {val: y_3, 24: (y^a2)_2, 36: (y^a1)_1, 48: y^a0}
%jump(mul_fp254_12)
penult_mul:
// stack: val, retdest {val: y_3 * (y^a2)_2, 224: (y^a1)_1, 236: y^a0}
%stack (val) -> (224, val, val, final_mul, val)
// stack: 224, val, val, final_mul, val, retdest {val: y_3 * (y^a2)_2, 224: (y^a1)_1, 236: y^a0}
// stack: val, retdest {val: y_3 * (y^a2)_2, 36: (y^a1)_1, 48: y^a0}
%stack (val) -> (36, val, val, final_mul, val)
// stack: 36, val, val, final_mul, val, retdest {val: y_3 * (y^a2)_2, 36: (y^a1)_1, 48: y^a0}
%jump(mul_fp254_12)
final_mul:
// stack: val, retdest {val: y_3 * (y^a2)_2 * (y^a1)_1, 236: y^a0}
%stack (val) -> (236, val, val)
// stack: 236, val, val, retdest {val: y_3 * (y^a2)_2 * (y^a1)_1, 236: y^a0}
// stack: val, retdest {val: y_3 * (y^a2)_2 * (y^a1)_1, 48: y^a0}
%stack (val) -> (48, val, val)
// stack: 48, val, val, retdest {val: y_3 * (y^a2)_2 * (y^a1)_1, 48: y^a0}
%jump(mul_fp254_12)
@ -164,156 +164,156 @@ final_mul:
/// y0 *= acc
power_loop_4:
// stack: i , j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: i , j, k, sqr {12: y0, 24: y2, 36: y4}
DUP1
ISZERO
// stack: break?, i , j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: break?, i , j, k, sqr {12: y0, 24: y2, 36: y4}
%jumpi(power_loop_4_end)
// stack: i , j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: i , j, k, sqr {12: y0, 24: y2, 36: y4}
%sub_const(1)
// stack: i-1, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: i-1, j, k, sqr {12: y0, 24: y2, 36: y4}
DUP1
%mload_kernel_code(power_data_4)
// stack: abc, i-1, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: abc, i-1, j, k, sqr {12: y0, 24: y2, 36: y4}
DUP1
%lt_const(100)
// stack: skip?, abc, i-1, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: skip?, abc, i-1, j, k, sqr {12: y0, 24: y2, 36: y4}
%jumpi(power_loop_4_b)
// stack: abc, i-1, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: abc, i-1, j, k, sqr {12: y0, 24: y2, 36: y4}
%sub_const(100)
// stack: bc, i-1, j, k, sqr {200: y0, 212: y2, 224: y4}
%stack () -> (224, 224, power_loop_4_b)
// stack: 224, 224, power_loop_4_b, bc, i-1, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: bc, i-1, j, k, sqr {12: y0, 24: y2, 36: y4}
%stack () -> (36, 36, power_loop_4_b)
// stack: 36, 36, power_loop_4_b, bc, i-1, j, k, sqr {12: y0, 24: y2, 36: y4}
DUP8
// stack: sqr, 224, 224, power_loop_4_b, bc, i-1, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: sqr, 36, 36, power_loop_4_b, bc, i-1, j, k, sqr {12: y0, 24: y2, 36: y4}
%jump(mul_fp254_12)
power_loop_4_b:
// stack: bc, i, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: bc, i, j, k, sqr {12: y0, 24: y2, 36: y4}
DUP1
%lt_const(10)
// stack: skip?, bc, i, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: skip?, bc, i, j, k, sqr {12: y0, 24: y2, 36: y4}
%jumpi(power_loop_4_c)
// stack: bc, i, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: bc, i, j, k, sqr {12: y0, 24: y2, 36: y4}
%sub_const(10)
// stack: c, i, j, k, sqr {200: y0, 212: y2, 224: y4}
%stack () -> (212, 212, power_loop_4_c)
// stack: 212, 212, power_loop_4_c, c, i, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: c, i, j, k, sqr {12: y0, 24: y2, 36: y4}
%stack () -> (24, 24, power_loop_4_c)
// stack: 24, 24, power_loop_4_c, c, i, j, k, sqr {12: y0, 24: y2, 36: y4}
DUP8
// stack: sqr, 212, 212, power_loop_4_c, c, i, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: sqr, 24, 24, power_loop_4_c, c, i, j, k, sqr {12: y0, 24: y2, 36: y4}
%jump(mul_fp254_12)
power_loop_4_c:
// stack: c, i, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: c, i, j, k, sqr {12: y0, 24: y2, 36: y4}
ISZERO
// stack: skip?, i, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: skip?, i, j, k, sqr {12: y0, 24: y2, 36: y4}
%jumpi(power_loop_4_sq)
// stack: i, j, k, sqr {200: y0, 212: y2, 224: y4}
%stack () -> (200, 200, power_loop_4_sq)
// stack: 200, 200, power_loop_4_sq, i, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: i, j, k, sqr {12: y0, 24: y2, 36: y4}
%stack () -> (12, 12, power_loop_4_sq)
// stack: 12, 12, power_loop_4_sq, i, j, k, sqr {12: y0, 24: y2, 36: y4}
DUP7
// stack: sqr, 200, 200, power_loop_4_sq, i, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: sqr, 12, 12, power_loop_4_sq, i, j, k, sqr {12: y0, 24: y2, 36: y4}
%jump(mul_fp254_12)
power_loop_4_sq:
// stack: i, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: i, j, k, sqr {12: y0, 24: y2, 36: y4}
PUSH power_loop_4
// stack: power_loop_4, i, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: power_loop_4, i, j, k, sqr {12: y0, 24: y2, 36: y4}
DUP5
DUP1
// stack: sqr, sqr, power_loop_4, i, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: sqr, sqr, power_loop_4, i, j, k, sqr {12: y0, 24: y2, 36: y4}
%jump(square_fp254_12)
power_loop_4_end:
// stack: 0, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: 0, j, k, sqr {12: y0, 24: y2, 36: y4}
POP
// stack: j, k, sqr {200: y0, 212: y2, 224: y4}
%stack () -> (224, 224, power_loop_2)
// stack: 224, 224, power_loop_2, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: j, k, sqr {12: y0, 24: y2, 36: y4}
%stack () -> (36, 36, power_loop_2)
// stack: 36, 36, power_loop_2, j, k, sqr {12: y0, 24: y2, 36: y4}
DUP6
// stack: sqr, 224, 224, power_loop_2, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: sqr, 36, 36, power_loop_2, j, k, sqr {12: y0, 24: y2, 36: y4}
%jump(mul_fp254_12)
power_loop_2:
// stack: j , k, sqr {200: y0, 212: y2, 224: y4}
// stack: j , k, sqr {12: y0, 24: y2, 36: y4}
DUP1
ISZERO
// stack: break?, j , k, sqr {200: y0, 212: y2, 224: y4}
// stack: break?, j , k, sqr {12: y0, 24: y2, 36: y4}
%jumpi(power_loop_2_end)
// stack: j , k, sqr {200: y0, 212: y2, 224: y4}
// stack: j , k, sqr {12: y0, 24: y2, 36: y4}
%sub_const(1)
// stack: j-1, k, sqr {200: y0, 212: y2, 224: y4}
// stack: j-1, k, sqr {12: y0, 24: y2, 36: y4}
DUP1
%mload_kernel_code(power_data_2)
// stack: ab, j-1, k, sqr {200: y0, 212: y2, 224: y4}
// stack: ab, j-1, k, sqr {12: y0, 24: y2, 36: y4}
DUP1
%lt_const(10)
// stack: skip?, ab, j-1, k, sqr {200: y0, 212: y2, 224: y4}
// stack: skip?, ab, j-1, k, sqr {12: y0, 24: y2, 36: y4}
%jumpi(power_loop_2_b)
// stack: ab, j-1, k, sqr {200: y0, 212: y2, 224: y4}
// stack: ab, j-1, k, sqr {12: y0, 24: y2, 36: y4}
%sub_const(10)
// stack: b, j-1, k, sqr {200: y0, 212: y2, 224: y4}
%stack () -> (212, 212, power_loop_2_b)
// stack: 212, 212, power_loop_2_b, b, j-1, k, sqr {200: y0, 212: y2, 224: y4}
// stack: b, j-1, k, sqr {12: y0, 24: y2, 36: y4}
%stack () -> (24, 24, power_loop_2_b)
// stack: 24, 24, power_loop_2_b, b, j-1, k, sqr {12: y0, 24: y2, 36: y4}
DUP7
// stack: sqr, 212, 212, power_loop_2_b, b, j-1, k, sqr {200: y0, 212: y2, 224: y4}
// stack: sqr, 24, 24, power_loop_2_b, b, j-1, k, sqr {12: y0, 24: y2, 36: y4}
%jump(mul_fp254_12)
power_loop_2_b:
// stack: b, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: b, j, k, sqr {12: y0, 24: y2, 36: y4}
ISZERO
// stack: skip?, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: skip?, j, k, sqr {12: y0, 24: y2, 36: y4}
%jumpi(power_loop_2_sq)
// stack: j, k, sqr {200: y0, 212: y2, 224: y4}
%stack () -> (200, 200, power_loop_2_sq)
// stack: 200, 200, power_loop_2_sq, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: j, k, sqr {12: y0, 24: y2, 36: y4}
%stack () -> (12, 12, power_loop_2_sq)
// stack: 12, 12, power_loop_2_sq, j, k, sqr {12: y0, 24: y2, 36: y4}
DUP6
// stack: sqr, 200, 200, power_loop_2_sq, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: sqr, 12, 12, power_loop_2_sq, j, k, sqr {12: y0, 24: y2, 36: y4}
%jump(mul_fp254_12)
power_loop_2_sq:
// stack: j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: j, k, sqr {12: y0, 24: y2, 36: y4}
PUSH power_loop_2
// stack: power_loop_2, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: power_loop_2, j, k, sqr {12: y0, 24: y2, 36: y4}
DUP4
DUP1
// stack: sqr, sqr, power_loop_2, j, k, sqr {200: y0, 212: y2, 224: y4}
// stack: sqr, sqr, power_loop_2, j, k, sqr {12: y0, 24: y2, 36: y4}
%jump(square_fp254_12)
power_loop_2_end:
// stack: 0, k, sqr {200: y0, 212: y2, 224: y4}
// stack: 0, k, sqr {12: y0, 24: y2, 36: y4}
POP
// stack: k, sqr {200: y0, 212: y2, 224: y4}
%stack () -> (212, 212, power_loop_0)
// stack: 212, 212, power_loop_0, k, sqr {200: y0, 212: y2, 224: y4}
// stack: k, sqr {12: y0, 24: y2, 36: y4}
%stack () -> (24, 24, power_loop_0)
// stack: 24, 24, power_loop_0, k, sqr {12: y0, 24: y2, 36: y4}
DUP5
// stack: sqr, 212, 212, power_loop_0, k, sqr {200: y0, 212: y2, 224: y4}
// stack: sqr, 24, 24, power_loop_0, k, sqr {12: y0, 24: y2, 36: y4}
%jump(mul_fp254_12)
power_loop_0:
// stack: k , sqr {200: y0, 212: y2, 224: y4}
// stack: k , sqr {12: y0, 24: y2, 36: y4}
DUP1
ISZERO
// stack: break?, k , sqr {200: y0, 212: y2, 224: y4}
// stack: break?, k , sqr {12: y0, 24: y2, 36: y4}
%jumpi(power_loop_0_end)
// stack: k , sqr {200: y0, 212: y2, 224: y4}
// stack: k , sqr {12: y0, 24: y2, 36: y4}
%sub_const(1)
// stack: k-1, sqr {200: y0, 212: y2, 224: y4}
// stack: k-1, sqr {12: y0, 24: y2, 36: y4}
DUP1
%mload_kernel_code(power_data_0)
// stack: a, k-1, sqr {200: y0, 212: y2, 224: y4}
// stack: a, k-1, sqr {12: y0, 24: y2, 36: y4}
ISZERO
// stack: skip?, k-1, sqr {200: y0, 212: y2, 224: y4}
// stack: skip?, k-1, sqr {12: y0, 24: y2, 36: y4}
%jumpi(power_loop_0_sq)
// stack: k-1, sqr {200: y0, 212: y2, 224: y4}
%stack () -> (200, 200, power_loop_0_sq)
// stack: 200, 200, power_loop_0_sq, k-1, sqr {200: y0, 212: y2, 224: y4}
// stack: k-1, sqr {12: y0, 24: y2, 36: y4}
%stack () -> (12, 12, power_loop_0_sq)
// stack: 12, 12, power_loop_0_sq, k-1, sqr {12: y0, 24: y2, 36: y4}
DUP5
// stack: sqr, 200, 200, power_loop_0_sq, k-1, sqr {200: y0, 212: y2, 224: y4}
// stack: sqr, 12, 12, power_loop_0_sq, k-1, sqr {12: y0, 24: y2, 36: y4}
%jump(mul_fp254_12)
power_loop_0_sq:
// stack: k, sqr {200: y0, 212: y2, 224: y4}
// stack: k, sqr {12: y0, 24: y2, 36: y4}
PUSH power_loop_0
// stack: power_loop_0, k, sqr {200: y0, 212: y2, 224: y4}
// stack: power_loop_0, k, sqr {12: y0, 24: y2, 36: y4}
DUP3
DUP1
// stack: sqr, sqr, power_loop_0, k, sqr {200: y0, 212: y2, 224: y4}
// stack: sqr, sqr, power_loop_0, k, sqr {12: y0, 24: y2, 36: y4}
%jump(square_fp254_12)
power_loop_0_end:
// stack: 0, sqr {200: y0, 212: y2, 224: y4}
%stack (i, sqr) -> (200, sqr, 200, custom_powers)
// stack: 200, sqr, 200, custom_powers {200: y0, 212: y2, 224: y4}
// stack: 0, sqr {12: y0, 24: y2, 36: y4}
%stack (i, sqr) -> (12, sqr, 12, custom_powers)
// stack: 12, sqr, 12, custom_powers {12: y0, 24: y2, 36: y4}
%jump(mul_fp254_12)

60
evm/src/cpu/kernel/asm/curve/bn254/curve_arithmetic/tate_pairing.asm
View File

@ -109,35 +109,35 @@ mul_tangent:
// stack: out, out, mul_tangent_1, out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out
%jump(square_fp254_12)
mul_tangent_1:
// stack: out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out
// stack: out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out
DUP13
DUP13
DUP13
DUP13
// stack: Q, out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out
// stack: Q, out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out
DUP11
DUP11
// stack: O, Q, out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out
// stack: O, Q, out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out
%tangent
// stack: out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out {100: line}
%stack (out) -> (out, 100, out)
// stack: out, 100, out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out {100: line}
// stack: out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out {0: line}
%stack (out) -> (out, 0, out)
// stack: out, 0, out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out {0: line}
%jump(mul_fp254_12_sparse)
mul_tangent_2:
// stack: retdest, 0xnm, times, O, P, Q, out {100: line}
// stack: retdest, 0xnm, times, O, P, Q, out {0: line}
PUSH after_double
// stack: after_double, retdest, 0xnm, times, O, P, Q, out {100: line}
// stack: after_double, retdest, 0xnm, times, O, P, Q, out {0: line}
DUP6
DUP6
// stack: O, after_double, retdest, 0xnm, times, O, P, Q, out {100: line}
// stack: O, after_double, retdest, 0xnm, times, O, P, Q, out {0: line}
%jump(bn_double)
after_double:
// stack: 2*O, retdest, 0xnm, times, O, P, Q, out {100: line}
// stack: 2*O, retdest, 0xnm, times, O, P, Q, out {0: line}
SWAP5
POP
SWAP5
POP
// stack: retdest, 0xnm, times, 2*O, P, Q, out {100: line}
// stack: retdest, 0xnm, times, 2*O, P, Q, out {0: line}
JUMP
/// def mul_cord()
@ -146,26 +146,26 @@ after_double:
/// O += P
mul_cord:
// stack: 0xnm, times, O, P, Q, out
// stack: 0xnm, times, O, P, Q, out
PUSH mul_cord_1
// stack: mul_cord_1, 0xnm, times, O, P, Q, out
// stack: mul_cord_1, 0xnm, times, O, P, Q, out
DUP11
DUP11
DUP11
DUP11
// stack: Q, mul_cord_1, 0xnm, times, O, P, Q, out
// stack: Q, mul_cord_1, 0xnm, times, O, P, Q, out
DUP9
DUP9
// stack: O, Q, mul_cord_1, 0xnm, times, O, P, Q, out
// stack: O, Q, mul_cord_1, 0xnm, times, O, P, Q, out
DUP13
DUP13
// stack: P, O, Q, mul_cord_1, 0xnm, times, O, P, Q, out
// stack: P, O, Q, mul_cord_1, 0xnm, times, O, P, Q, out
%cord
// stack: mul_cord_1, 0xnm, times, O, P, Q, out {100: line}
// stack: mul_cord_1, 0xnm, times, O, P, Q, out {0: line}
DUP12
// stack: out, mul_cord_1, 0xnm, times, O, P, Q, out {100: line}
%stack (out) -> (out, 100, out)
// stack: out, 100, out, mul_cord_1, 0xnm, times, O, P, Q, out {100: line}
// stack: out, mul_cord_1, 0xnm, times, O, P, Q, out {0: line}
%stack (out) -> (out, 0, out)
// stack: out, 0, out, mul_cord_1, 0xnm, times, O, P, Q, out {0: line}
%jump(mul_fp254_12_sparse)
mul_cord_1:
// stack: 0xnm, times, O , P, Q, out
@ -202,7 +202,7 @@ after_add:
// stack: py^2 , 9, px, py, qx, qx_, qy, qy_
SUBFP254
// stack: py^2 - 9, px, py, qx, qx_, qy, qy_
%mstore_kernel_bn254_pairing(100)
%mstore_kernel_bn254_pairing(0)
// stack: px, py, qx, qx_, qy, qy_
DUP1
MULFP254
@ -218,7 +218,7 @@ after_add:
DUP3
MULFP254
// stack: (-3*px^2)qx, py, -3px^2, qx_, qy, qy_
%mstore_kernel_bn254_pairing(102)
%mstore_kernel_bn254_pairing(2)
// stack: py, -3px^2, qx_, qy, qy_
PUSH 2
MULFP254
@ -228,15 +228,15 @@ after_add:
DUP4
MULFP254
// stack: (2py)qy, -3px^2, qx_, 2py, qy_
%mstore_kernel_bn254_pairing(108)
%mstore_kernel_bn254_pairing(8)
// stack: -3px^2, qx_, 2py, qy_
MULFP254
// stack: (-3px^2)*qx_, 2py, qy_
%mstore_kernel_bn254_pairing(103)
%mstore_kernel_bn254_pairing(3)
// stack: 2py, qy_
MULFP254
// stack: (2py)*qy_
%mstore_kernel_bn254_pairing(109)
%mstore_kernel_bn254_pairing(9)
%endmacro
/// def cord(p1x, p1y, p2x, p2y, qx, qy):
@ -258,7 +258,7 @@ after_add:
// stack: p1y*p2x , p2y*p1x, p1x , p1y, p2x , p2y, qx, qx_, qy, qy_
SUBFP254
// stack: p1y*p2x - p2y*p1x, p1x , p1y, p2x , p2y, qx, qx_, qy, qy_
%mstore_kernel_bn254_pairing(100)
%mstore_kernel_bn254_pairing(0)
// stack: p1x , p1y, p2x , p2y, qx, qx_, qy, qy_
SWAP3
// stack: p2y , p1y, p2x , p1x, qx, qx_, qy, qy_
@ -273,20 +273,20 @@ after_add:
DUP5
MULFP254
// stack: (p1x - p2x)qy, p2y - p1y, qx, qx_, p1x - p2x, qy_
%mstore_kernel_bn254_pairing(108)
%mstore_kernel_bn254_pairing(8)
// stack: p2y - p1y, qx, qx_, p1x - p2x, qy_
SWAP1
// stack: qx, p2y - p1y, qx_, p1x - p2x, qy_
DUP2
MULFP254
// stack: (p2y - p1y)qx, p2y - p1y, qx_, p1x - p2x, qy_
%mstore_kernel_bn254_pairing(102)
%mstore_kernel_bn254_pairing(2)
// stack: p2y - p1y, qx_, p1x - p2x, qy_
MULFP254
// stack: (p2y - p1y)qx_, p1x - p2x, qy_
%mstore_kernel_bn254_pairing(103)
%mstore_kernel_bn254_pairing(3)
// stack: p1x - p2x, qy_
MULFP254
// stack: (p1x - p2x)*qy_
%mstore_kernel_bn254_pairing(109)
%mstore_kernel_bn254_pairing(9)
%endmacro

76
evm/src/cpu/kernel/asm/curve/bn254/field_arithmetic/degree_12_mul.asm
View File

@ -66,73 +66,73 @@ mul_fp254_12_1:
// stack: f'g', g' , f', inA, inB, out
%dup_fp254_6_0
// stack: f'g', f'g', g' , f', inA, inB, out
%store_fp254_6_sh(0)
// stack: f'g', g' , f', inA, inB, out {0: sh(f'g')}
%store_fp254_6(6)
// stack: g' , f', inA, inB, out {0: sh(f'g'), 6: f'g'}
%store_fp254_6_sh(84)
// stack: f'g', g' , f', inA, inB, out {84: sh(f'g')}
%store_fp254_6(90)
// stack: g' , f', inA, inB, out {84: sh(f'g'), 90: f'g'}
DUP13
// stack: inA, g' , f', inA, inB, out {0: sh(f'g'), 6: f'g'}
// stack: inA, g' , f', inA, inB, out {84: sh(f'g'), 90: f'g'}
DUP15
// stack: inB, inA, g' , f', inA, inB, out {0: sh(f'g'), 6: f'g'}
// stack: inB, inA, g' , f', inA, inB, out {84: sh(f'g'), 90: f'g'}
%load_fp254_6
// stack: g , inA, g' , f', inA, inB, out {0: sh(f'g'), 6: f'g'}
// stack: g , inA, g' , f', inA, inB, out {84: sh(f'g'), 90: f'g'}
%stack (f: 6, x, g: 6) -> (g, x, f)
// stack: g', inA, g , f', inA, inB, out {0: sh(f'g'), 6: f'g'}
// stack: g', inA, g , f', inA, inB, out {84: sh(f'g'), 90: f'g'}
%dup_fp254_6_7
// stack: g,g', inA, g , f', inA, inB, out {0: sh(f'g'), 6: f'g'}
// stack: g,g', inA, g , f', inA, inB, out {84: sh(f'g'), 90: f'g'}
%add_fp254_6
// stack: g+g', inA, g , f', inA, inB, out {0: sh(f'g'), 6: f'g'}
// stack: g+g', inA, g , f', inA, inB, out {84: sh(f'g'), 90: f'g'}
%stack (f: 6, x, g: 6) -> (g, x, f)
// stack: g, inA, g+g', f', inA, inB, out {0: sh(f'g'), 6: f'g'}
// stack: g, inA, g+g', f', inA, inB, out {84: sh(f'g'), 90: f'g'}
PUSH mul_fp254_12_2
// stack: mul_fp254_12_2, g, inA, g+g', f', inA, inB, out {0: sh(f'g'), 6: f'g'}
// stack: mul_fp254_12_2, g, inA, g+g', f', inA, inB, out {84: sh(f'g'), 90: f'g'}
SWAP7
// stack: inA, g, mul_fp254_12_2, g+g', f', inA, inB, out {0: sh(f'g'), 6: f'g'}
// stack: inA, g, mul_fp254_12_2, g+g', f', inA, inB, out {84: sh(f'g'), 90: f'g'}
%load_fp254_6
// stack: f, g, mul_fp254_12_2, g+g', f', inA, inB, out {0: sh(f'g'), 6: f'g'}
// stack: f, g, mul_fp254_12_2, g+g', f', inA, inB, out {84: sh(f'g'), 90: f'g'}
%jump(mul_fp254_6)
mul_fp254_12_2:
// stack: fg, g+g', f', inA, inB, out {0: sh(f'g'), 6: f'g'}
%store_fp254_6(12)
// stack: g+g', f', inA, inB, out {0: sh(f'g'), 6: f'g', 12: fg}
// stack: fg, g+g', f', inA, inB, out {84: sh(f'g'), 90: f'g'}
%store_fp254_6(96)
// stack: g+g', f', inA, inB, out {84: sh(f'g'), 90: f'g', 96: fg}
%stack (x: 6, y: 6) -> (y, x)
// stack: f', g+g', inA, inB, out {0: sh(f'g'), 6: f'g', 12: fg}
// stack: f', g+g', inA, inB, out {84: sh(f'g'), 90: f'g', 96: fg}
PUSH mul_fp254_12_3
// stack: mul_fp254_12_3, f', g+g', inA, inB, out {0: sh(f'g'), 6: f'g', 12: fg}
// stack: mul_fp254_12_3, f', g+g', inA, inB, out {84: sh(f'g'), 90: f'g', 96: fg}
SWAP13
// stack: inA, f', g+g', mul_fp254_12_3, inB, out {0: sh(f'g'), 6: f'g', 12: fg}
// stack: inA, f', g+g', mul_fp254_12_3, inB, out {84: sh(f'g'), 90: f'g', 96: fg}
%load_fp254_6
// stack: f,f', g+g', mul_fp254_12_3, inB, out {0: sh(f'g'), 6: f'g', 12: fg}
// stack: f,f', g+g', mul_fp254_12_3, inB, out {84: sh(f'g'), 90: f'g', 96: fg}
%add_fp254_6
// stack: f+f', g+g', mul_fp254_12_3, inB, out {0: sh(f'g'), 6: f'g', 12: fg}
// stack: f+f', g+g', mul_fp254_12_3, inB, out {84: sh(f'g'), 90: f'g', 96: fg}
%jump(mul_fp254_6)
mul_fp254_12_3:
// stack: (f+f')(g+g'), inB, out {0: sh(f'g'), 6: f'g', 12: fg}
%load_fp254_6(12)
// stack: fg, (f+f')(g+g'), inB, out {0: sh(f'g'), 6: f'g', 12: fg}
// stack: (f+f')(g+g'), inB, out {84: sh(f'g'), 90: f'g', 96: fg}
%load_fp254_6(96)
// stack: fg, (f+f')(g+g'), inB, out {84: sh(f'g'), 90: f'g', 96: fg}
%stack (x: 6, y: 6) -> (y, x)
// stack: (f+f')(g+g'), fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg}
// stack: (f+f')(g+g'), fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg}
%dup_fp254_6_6
// stack: fg, (f+f')(g+g'), fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg}
%load_fp254_6(6)
// stack: f'g',fg, (f+f')(g+g'), fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg}
// stack: fg, (f+f')(g+g'), fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg}
%load_fp254_6(90)
// stack: f'g',fg, (f+f')(g+g'), fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg}
%add_fp254_6
// stack: f'g'+fg, (f+f')(g+g'), fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg}
// stack: f'g'+fg, (f+f')(g+g'), fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg}
%subr_fp254_6
// stack: (f+f')(g+g') - (f'g'+fg), fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg}
// stack: (f+f')(g+g') - (f'g'+fg), fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg}
DUP14
%add_const(6)
// stack: out', (f+f')(g+g') - (f'g'+fg), fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg}
// stack: out', (f+f')(g+g') - (f'g'+fg), fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg}
%store_fp254_6
// stack: fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg}
%load_fp254_6(0)
// stack: sh(f'g') , fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg}
// stack: fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg}
%load_fp254_6(84)
// stack: sh(f'g') , fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg}
%add_fp254_6
// stack: sh(f'g') + fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg}
// stack: sh(f'g') + fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg}
DUP8
// stack: out, sh(f'g') + fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg}
// stack: out, sh(f'g') + fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg}
%store_fp254_6
// stack: inB, out {0: sh(f'g'), 6: f'g', 12: fg}
// stack: inB, out {84: sh(f'g'), 90: f'g', 96: fg}
%pop2
JUMP

6
evm/src/cpu/kernel/asm/curve/bn254/field_arithmetic/inverse.asm
View File

@ -29,12 +29,12 @@ global inv_fp254_12:
// stack: out, f^-1, inp, out, retdest
%store_fp254_12
// stack: inp, out, retdest
%stack (inp, out) -> (inp, out, 50, check_inv_fp254_12)
// stack: inp, out, 50, check_inv_fp254_12, retdest
%stack (inp, out) -> (inp, out, 72, check_inv_fp254_12)
// stack: inp, out, 72, check_inv_fp254_12, retdest
%jump(mul_fp254_12)
check_inv_fp254_12:
// stack: retdest
PUSH 50
PUSH 72
%load_fp254_12
// stack: unit?, retdest
%assert_eq_unit_fp254_12

18
evm/src/cpu/kernel/tests/bn254.rs
View File

@ -94,8 +94,8 @@ fn test_mul_fp6() -> Result<()> {
}
fn setup_mul_fp12_test(out: usize, f: Fp12, g: Fp12, label: &str) -> InterpreterSetup {
let in0: usize = 64;
let in1: usize = 76;
let in0: usize = 200;
let in1: usize = 212;
let mut stack = vec![
U256::from(in0),
@ -115,7 +115,7 @@ fn setup_mul_fp12_test(out: usize, f: Fp12, g: Fp12, label: &str) -> Interpreter
#[test]
fn test_mul_fp12() -> Result<()> {
let out: usize = 88;
let out: usize = 224;
let mut rng = rand::thread_rng();
let f: Fp12 = rng.gen::<Fp12>();
@ -191,7 +191,7 @@ fn setup_frob_fp12_test(ptr: usize, f: Fp12, label: &str) -> InterpreterSetup {
#[test]
fn test_frob_fp12() -> Result<()> {
let ptr: usize = 100;
let ptr: usize = 200;
let mut rng = rand::thread_rng();
let f: Fp12 = rng.gen::<Fp12>();
@ -226,8 +226,8 @@ fn test_frob_fp12() -> Result<()> {
#[test]
fn test_inv_fp12() -> Result<()> {
let ptr: usize = 100;
let inv: usize = 112;
let ptr: usize = 200;
let inv: usize = 212;
let mut rng = rand::thread_rng();
let f: Fp12 = rng.gen::<Fp12>();
@ -247,7 +247,7 @@ fn test_inv_fp12() -> Result<()> {
#[test]
fn test_invariant_exponent() -> Result<()> {
let ptr: usize = 400;
let ptr: usize = 200;
let mut rng = rand::thread_rng();
let f: Fp12 = rng.gen::<Fp12>();
@ -348,8 +348,8 @@ fn test_miller() -> Result<()> {
#[test]
fn test_tate() -> Result<()> {
let ptr: usize = 300;
let out: usize = 400;
let ptr: usize = 200;
let out: usize = 206;
let inputs: Vec<U256> = vec![
CURVE_GENERATOR.x.val,
CURVE_GENERATOR.y.val,